CN109558739A - Program operating method, device, terminal and readable medium - Google Patents
Program operating method, device, terminal and readable medium Download PDFInfo
- Publication number
- CN109558739A CN109558739A CN201710884605.5A CN201710884605A CN109558739A CN 109558739 A CN109558739 A CN 109558739A CN 201710884605 A CN201710884605 A CN 201710884605A CN 109558739 A CN109558739 A CN 109558739A
- Authority
- CN
- China
- Prior art keywords
- sdk
- program
- host program
- server
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Program initiating; Program switching, e.g. by interrupt
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Stored Programmes (AREA)
- Telephonic Communication Services (AREA)
Abstract
This application discloses a kind of program operating method, device, terminal and readable mediums, belong to information security field.The described method includes: host program starts the first process when receiving program enabling signal;Host program is independently of the process except the first process by corresponding second process of the first process initiation SDK, the second process;When receiving function using signal, host program calls the api interface of SDK offer by the first process;Second process obtains target data from server according to calling;Second process provides program function to the first process according to target data.The application by by corresponding second process of SDK independently of corresponding first process of host except, it solves in the related technology since SDK is run in host process, the technical issues of host program can relatively easily crack SDK, since host program can only use the program function of SDK by the api interface for calling SDK to provide, and corresponding second process of SDK cannot be directly accessed, therefore improve the safety of SDK.
Description
Technical field
This application involves information security field, in particular to a kind of program operating method, device, terminal and readable medium.
Background technique
SDK (Software Development Kit, software tool development kit) is a kind of for when establishing application software
Developing instrument set.In general, software vendor is by some basic program function packages, and API is provided out by SDK and is connect
Mouthful.
For example, SDK is supplied to software vendor B by software vendor A, software vendor B can carry out secondary development based on SDK,
It is developed based on the host program of the SDK.After host program starting, the related process of SDK is operated in host process by terminal
In, SDK is sightless to ordinary user.Ordinary user is made only it is observed that the operation of host process based on host process
With the various functions of host process.
Since SDK is operated in host process, if host program is developed by malicious persons, pass through host
It is to be relatively easy to that program, which crack to SDK,.For example, SDK can interact some significant datas with server, host program holds very much
Easily listen to these significant datas.
Summary of the invention
The embodiment of the invention provides a kind of program operating method, device, terminal and readable mediums, solve the prior art
Problem.The technical solution is as follows:
In a first aspect, provide a kind of program operating method, applied in the terminal for being equipped with host program, the host
Program is that the program of secondary development is carried out based on SDK, which comprises
When receiving program enabling signal, the host program starts the first process;
The host program is by corresponding second process of SDK described in first process initiation, second process
Independently of the process except first process;
When receiving function using signal, the host program calls the SDK to provide by first process
Api interface;
Second process obtains target data according to described call from server;
Second process provides program function to first process according to the target data.
Second aspect provides a kind of program running gear, applied to include host program module terminal in, the dress
It sets including the host program module and SDK module, the host program module is to carry out secondary development based on the SDK module
Program module, operation has the first process in the host program module, and operation has the second process in the SDK module, described
Except second process is independently of first process;
The host program module, for starting first process when receiving program enabling signal;By described
Second process described in first process initiation;When receiving function using signal, the SDK is called to mention by first process
The api interface of confession;
The SDK module, for obtaining target data according to described call from server by second process;According to
The target data provides program function to first process.
The third aspect provides a kind of terminal, and the terminal includes processor and memory, is stored in the memory
At least one instruction, at least a Duan Chengxu, code set or instruction set, at least one instruction, an at least Duan Chengxu, institute
Code set or instruction set is stated to be loaded by the processor and executed to realize program operating method as described in relation to the first aspect.
Fourth aspect provides a kind of computer readable storage medium, which is characterized in that is stored in the storage medium
At least one instruction, described instruction are loaded by processor and are executed to realize program operating method as described in relation to the first aspect.
Technical solution provided in an embodiment of the present invention has the benefit that
By by corresponding second process of SDK independently of corresponding first process of host except, solve in the related technology
Since SDK is run in host process, the technical issues of host program can relatively easily crack SDK, due to host's journey
Sequence can only by call SDK provide api interface use SDK program function, and cannot directly access SDK corresponding second into
Journey, therefore host program can not listen to the data packet communicated between the operating condition and SDK and server of SDK, improve
The safety of SDK.
Detailed description of the invention
To describe the technical solutions in the embodiments of the present invention more clearly, make required in being described below to embodiment
Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for
For those of ordinary skill in the art, without creative efforts, it can also be obtained according to these attached drawings other
Attached drawing.
Fig. 1 is the schematic diagram of implementation environment involved in the program operating method of the application one embodiment offer;
Fig. 2 is the method flow diagram for the program operating method that the application one embodiment provides;
Fig. 3 is the block diagram for the host program that the application one embodiment provides;
Fig. 4 is the host program that the application one embodiment provides and the interaction schematic diagram of SDK;
Fig. 5 is the method flow diagram for the program operating method that another embodiment of the application provides;
Fig. 6 is the method flow diagram for the program operating method that another embodiment of the application provides;
Fig. 7 is the method flow diagram for the program operating method that another embodiment of the application provides;
Fig. 8 is the device block diagram for the program running gear that the application one embodiment provides;
Fig. 9 is the structural block diagram for the terminal that the application one embodiment provides.
Specific embodiment
To make the object, technical solutions and advantages of the present invention clearer, below in conjunction with attached drawing to embodiment party of the present invention
Formula is described in further detail.
Several nouns involved in the application are introduced first:
SDK (Software Development Kit, software tool development kit): being a kind of for when establishing application software
Developing instrument set.In general, software vendor is by some basic program function packages, and api function is provided out by SDK
Interface.
Host program: being the program that SDK is integrated after the secondary development of program development side, since SDK is built in the program,
Therefore the program is referred to as host program by image.
Api interface (Application Programming Interface): being the preset function of SDK, for being based on
The host program of SDK provides the function interface of the program function of access SDK.
Symmetric key: also known as private key encryption, that is, the both sides for sending and receiving data use identical key pair plaintext
Operation is encrypted and decrypted.Symmetric key encryption algorithm specifically includes that DES (Data Encryption Standard, data
Encryption standard), 3DES (Triple DES, triple data encryption algorithm), IDEA (International Data
Encryption Algorithm, international data encryption algorithm), FEAL (Fast Data Encipherment Algorithm,
Block encryption algorithm), Blowfish (symmetric key block encryption algorithm) etc..
Asymmetric cryptographic key: including one group of public key (Public Key) and private key (Private Key), public key refers to public affairs
The key opened does not need to maintain secrecy, and decryption side can obtain through various channels;And private key refers to and is only held by encryption side itself
Some keys, maintain secrecy.
Socket interface: being a kind of api interface, encapsulates to ICP/IP protocol.
JCE (Java Cryptography Extension): encryption, key generates and negotiation functionality for providing for one kind
Data packet, can provide the encryption to symmetrical, asymmetric, block and stream cipher support.
GUID (Globally Unique Identifier, globally unique identifier): being a kind of two generated by algorithm
System length is the numeric identifier of 128 (being also likely to be other digits).GUID is mainly used for possessing multiple nodes, more
In the network or system of computer, one equipment of unique identification.In the ideal case, any computer and computer cluster be not
Two identical GUID can be generated.
Root (highest operation permission): Root user is the super keepe in operating system with highest permission, tool
It is equal to the permission of operating system.
Simulator (Simulator): also known as emulator refers to the main function by software analog hardware processor and refers to
The program for enabling system run electronic computer or other terminals (tablet computer, mobile terminal) can in other terminals
Software.
Referring to FIG. 1, implementation environment involved in the program operating method provided it illustrates the application one embodiment
Schematic diagram, as shown in Figure 1, the implementation environment include: SDK provider 110, host program exploitation side 120, host program publication
Platform 130 and terminal 140.Between SDK provider 110 and host program exploitation side 120 can by wired or wireless network into
Row connection, can be connected between host program exploitation side 120 and host program distribution platform 130 by wired or wireless network
It connects.Wherein, SDK provider 110 is for generating SDK, and the SDK is sent to host program exploitation side 120, and SDK provider can
To be the server of SDK provider.Host program exploitation side 120 can be the terminals such as mobile phone, tablet computer, computer,
It is also possible to work station, server etc..Host program distribution platform 130 is for issuing host program, for example, the host program is sent out
Cloth platform 130 can be application platform Apple Store of Apple Inc., Google application platform Google Play, rise
Application platform application treasured of news company etc..Terminal 140 is used to download host program from host program distribution platform 130 and run
The host program, terminal 140 can be mobile phone, tablet computer, computer, personal digital assistant etc..
Referring to FIG. 2, the method flow diagram of the program operating method provided it illustrates the application one embodiment.This reality
Example is applied so that the program operating method is applied in terminal 140 as shown in Figure 1 as an example, this method comprises:
In step 201, when receiving program enabling signal, host program starts the first process.
When user needs using host program, user clicks the icon of host program, and host program receives user and clicks
The enabling signal that icon generates starts the first process.Wherein, the first process is operate in the journey that in host program and SDK is provided
The relevant process of sequence function.
In step 202, for host program by corresponding second process of the first process initiation SDK, the second process is independent
Process except the first process.
After the first process initiation, corresponding second process of the first process initiation SDK, wherein the second process is operate in
In SDK, and independently of the process except the first process.
In step 203, when receiving function using signal, host program calls SDK to provide by the first process
Api interface.
When the program function that user needs to provide using SDK, the relevant program function icon of host program, host are clicked
Program receives the function that user's click program function icon generates and uses signal, is connect by the API that the first process calls SDK to provide
Mouthful.Wherein, which is some program function icon in host program, the journey which provides
Sequence function is the program function provided based on SDK, is not referred to all program functions in host program.
As shown in figure 3, in the present embodiment, SDK is packaged to host program opening API interface, SDK corresponding
Independently with server communication, the api interface that host program can call SDK to provide by corresponding first process obtains two processes
The relative program function of SDK.
For example, having and connecting automatically as shown in figure 4, host program is a application program for having automatic connection Wi-Fi
Connect the function of Wi-Fi.The host program can be write using Jave language, and corresponding first process of the host program can be one
A Java process, and SDK can provide the function of automatic connection Wi-Fi by running Native process, provide host program
Api interface between Java process and the Native process of SDK can be Socket interface.Optionally, api interface further includes one
Group JCE data packet, for providing, encryption, key generates and negotiation functionality.
In step 204, the second process obtains target data from server according to calling.
Corresponding second process of SDK obtains target data from server, due to the second process according to the calling of the first process
The process being independently of except the first process, therefore host program can not monitor the friendship of the data between the second process and server
It changes.
For example, as shown in figure 4, target data can be the corresponding Wi-Fi password of wireless router.Host program is corresponding
Java process initiation Wi-Fi list scan, the specified Wi-Fi function of Native process is called by Socket interface, and SDK is corresponding
Native process by connecting and communicating with server, obtain Wi-Fi password from server, which passed through into Map
Caching, and upper corresponding wireless router is connected by the Wi-Fi password.Wherein, password only occur and be stored in Native into
Cheng Zhong, Java process can not access and monitor Native process.
In step 205, the second process provides program function to the first process according to target data.
Corresponding second process of SDK executes program function by the target data obtained from server, and host program is corresponding
The first process by from api interface get the second process provide program function, execute host program corresponding first into
Journey.
For example, as shown in figure 4, sending after the upper Wi-Fi of Native process connection to Java process for connection without route
By device information, Java process is connected automatically to the corresponding no route of Wi-Fi password using Native process by Socket interface
By device, the function of automatic connection Wi-Fi is realized.After realizing automatic connection radio router function, Native process is raw
It is added in operating system at Wificonfig file by Binder (interprocess communication), Java process passes through Wificonfig
File monitors Wi-Fi connection status.
In conclusion in the embodiment of the present application, by by corresponding second process of SDK independently of host corresponding first into
It except journey, solves in the related technology since SDK is run in host process, host program can be relatively easily broken to SDK
The technical issues of solution, since host program can only use the program function of SDK by the api interface for calling SDK to provide, and cannot
Directly corresponding second process of access SDK, therefore host program can not listen to the operating condition and SDK and server of SDK
Between the data packet that communicates, improve the safety of SDK.
Referring to FIG. 5, the method flow diagram of the program operating method provided it illustrates another embodiment of the application.This
Embodiment by the program operating method be applied to terminal 140 as shown in Figure 1 in for, this method comprises:
In step 501, when receiving program enabling signal, host program starts the first process
When user needs using host program, user clicks the icon of host program, and host program receives user and clicks
The enabling signal that icon generates starts the first process.Wherein, the first process is operate in host program and SDK provides program
The relevant process of function.
In step 502, host program initializes the api interface of SDK.
Before the api interface that host program calls SDK, host program carries out initial firstly the need of the api interface to SDK
Change, during initialization, one section of code in SDK operates in corresponding first process of host program, for detecting it
Running environment whether there is security risk.
Optionally, SDK whether there is security risk, including step 503 to step by the first process detection running environment
At least one step in 505 3 steps.The present embodiment with include all three steps illustrate.
In step 503, SDK detects whether current account number in terminal obtains highest operation permission.
Whether current account number corresponding to SDK detection terminal obtains highest operation permission, that is, judge currently to log in is
Whether the account that unites is Root account, and since Root account has systematic highest permission, host system can connect around API
Mouth directly accesses and monitors the second process of SDK, to have security risk.
Therefore, when api interface of the host program to SDK initializes, SDK needs to detect whether current account number obtains
Highest runs permission, if testing result is that current account number obtains highest and runs permission, enters step 506b.If detection knot
Fruit is that current account number does not obtain highest operation permission, then enters step 503, or enter step 506a.
In an alternative embodiment, due to obtain highest operation permission terminal can generate a SU binary system can
File is executed, SDK judges whether current account number obtains most by the way that whether detection terminal has SU binary executable
Height operation permission.
In step 504, SDK detects whether terminal is the virtual terminal of simulator.
SDK detects whether terminal is the virtual terminal of simulator.By the virtual terminal of simulator can around according to
The Internet Security Standard that bad hardware plays a role, for example, host program can directly access and monitor the second of SDK around API
Process, to have security risk.
Therefore, when initializing to api interface, SDK needs to detect whether current account number is the virtual terminal of simulator,
If testing result is the virtual terminal of simulator for present terminal, 506b is entered step;If testing result is present terminal
It is not the virtual terminal of simulator, then enters step 505, or enter step 506a.
In an alternative embodiment, SDK is by calling the hardware component of terminal to judge whether terminal is simulator institute
Virtual terminal, for example the hardware component of the terminals such as sensor, camera, gyroscope, bluetooth is called, if malloc failure malloc,
Determine that terminal is the virtual terminal of simulator;If calling successfully, it is determined that terminal is entity hardware.
In step 505, SDK detects whether corresponding first process of host program is tracked.
Whether corresponding first process of SDK detection host program and/or the related process of SDK are tracked, if host's journey
Corresponding first process of sequence is tracked, then when the first process calls api interface, is likely to result in information leakage, has safety
Hidden danger.If SDK detects host program, corresponding first process is tracked, and enters step 505b;If SDK detects host's journey
Corresponding first process of sequence is not tracked, then enters step 506a.
The system that tracing program Strace is commonly used to when tracking process executes is called and received signal.In Linux system
System or android system in, process cannot direct access hardware devices, when process need access hardware devices (such as receive net
Network data etc.) when, it is necessary to kernel mode is switched to by user mode, access hardware devices, Strace program are called by system
The system that a process generates can be traced into call, including parameter, return value, the time for executing consumption etc., therefore, when first
When process is tracked, Strace program can obtain the information saved in SDK around api interface.
In an alternative embodiment, SDK is by detecting whether terminal there is tracked information to judge that host program is corresponding
The first process whether be tracked, if having tracked information, it is determined that corresponding first process of host program is tracked;If not having
There is tracked information, it is determined that corresponding first process of host program is not tracked.
In step 506a, SDK passes through first the second process of process initiation.
After determining that currently running environment does not have security risk, SDK passes through first the second process of process initiation.
In step 506b, api interface initialization failure.
Meet after api interface of the host program to SDK initializes any one following, it is determined that at the beginning of api interface
Beginningization failure: current account number obtains highest operation permission, the terminal terminal virtual for simulator, or, host program is corresponding
The first process be tracked.
If api interface initialization failure, SDK returns to initialization failure information, host program corresponding the to host program
One process is not capable of calling the api interface of SDK.
In step 507, when receiving function using signal, host program calls SDK to provide by the first process
Api interface.
When the program function that user needs to provide using SDK, the relevant program function icon of host program, host are clicked
Program receives the function that user's click program function icon generates and uses signal, is connect by the API that the first process calls SDK to provide
Mouthful.Wherein, which is some program function icon in host program, the journey which provides
Sequence function is the program function provided based on SDK, is not referred to all program functions in host program.
In step 508, for the second process according to calling from server acquisition target data, the second process is independently of first
Process except process.
Corresponding second process of SDK obtains target data from server according to the calling of the first process.Optionally, target
Data are related with the program function that SDK is provided, and target data is confidential data.Wherein, second process be independently of first into
Process except journey.
In step 509, the second process provides program function to the first process according to target data.
Corresponding second process of SDK executes program function by the target data obtained from server, and host program is corresponding
The first process by from api interface get the second process provide program function, execute host program corresponding first into
Journey.
Illustratively, the operating system of terminal is android system, and corresponding second process of SDK is Native process, should
Native process receives the primary insulation blocking of operating system and reinforcement protection, and the first process corresponding to host process can not visit
Ask or listen to the operating condition in relation to the second process.
In conclusion in the embodiment of the present application, by by corresponding second process of SDK independently of host corresponding first into
It except journey, solves in the related technology since SDK is run in host process, host program can be relatively easily broken to SDK
The technical issues of solution, since host program can only use the program function of SDK by the api interface for calling SDK to provide, and cannot
Directly corresponding second process of access SDK, therefore host program can not listen to the operating condition and SDK and server of SDK
Between the data packet that communicates, improve the safety of SDK.
Further, in the embodiment of the present application, by right before corresponding first process of host program calls api interface
Whether api interface initialization has peace by the running environment of the corresponding first process detection api interface of host program by SDK
Full hidden danger solves under the running environment with security risk, and host program calls safety caused by the api interface of SDK
Potential problem further improves the safety of SDK.
It in an alternative embodiment, can be by " non-when corresponding second process of SDK is communicated with server
The mode that symmetric cryptography and symmetric cryptography " combines carries out.Wherein, asymmetric encryption is for corresponding second process of SDK and service
Negotiate encryption key between device, symmetric cryptography for the session data packet between the second process corresponding to SDK and server into
Row encryption.
Referring to FIG. 6, the method flow diagram of the program operating method provided it illustrates another embodiment of the application.This
Embodiment by the program operating method be applied to terminal 140 as shown in Figure 1 in for, this method comprises:
In step 601, when receiving program enabling signal, host program starts the first process
When user needs using host program, user clicks the icon of host program, and host program receives user and clicks
The enabling signal that icon generates starts the first process.Wherein, the first process is operate in host program and SDK provides program
The relevant process of function.
In step 602, host program passes through corresponding second process of the first process initiation SDK
After the first process initiation, corresponding second process of the first process initiation SDK, wherein the second process is operate in
In SDK, and independently of the process except the first process.
In step 603, when receiving function using signal, host program calls SDK to provide by the first process
Api interface.
When the program function that user needs to provide using SDK, the relevant program function icon of host program, host are clicked
Program receives the function that user's click program function icon generates and uses signal, is connect by the API that the first process calls SDK to provide
Mouthful.Wherein, program function icon is some program function icon in host program, the program which provides
Function is the program function provided based on SDK, is not referred to all program functions in host program.
In step 604, the second process detection symmetric cryptographic key whether there is.
In corresponding second process of SDK according to calling before server acquisition target data, the second process is needed to SDK
Symmetric cryptographic key between server is detected.
Firstly, whether there is symmetric cryptographic key in the second process detection SDK, and if it exists, then enter step 605 or step
612;If it does not exist, then 606 are entered step.
In step 605, the second process detection symmetric cryptographic key there are durations whether to reach default effective time.
Usually, symmetric cryptographic key too long can increase the chance that cracks to attacker using the time.In order to guarantee to pacify
Entirely, symmetric cryptographic key has certain timeliness, if it exceeds timeliness, then symmetric key can fail, and need to regenerate at this time
Symmetric key.
Therefore, whether duration existing for the symmetric cryptographic key in the second process detection SDK reaches preset effective time;
If so, entering step 606;If it is not, then entering step 612.
In step 606, the second process generates random number.
If the second process does not detect symmetric cryptographic key in SDK, and/or, pair of second process detection into SDK
Claim encryption key to reach default effective time, then generate a random number, the random number by as symmetrical in this session plus
Key.
In step 607, the second process encrypts random number by the private key in asymmetric encryption, obtains first and adds
Close result.
Second process, to random number encryption, obtains the first encrypted result by the private key in asymmetric encryption in SDK.This Shen
Please in embodiment, SDK to the information that server is sent by the private key encryption in asymmetric encryption in SDK, by being stored in clothes
The public key decryptions being engaged in the asymmetric encryption at device end.When host program exploitation side obtains SDK from SDK provider, wrapped in SDK
Public key storage containing the private key in asymmetric encryption, and in asymmetric encryption is in the server.
Unsymmetrical key includes one group of public key and private key.Public key refers to disclosed key, does not need to maintain secrecy, decryption side
It can obtain through various channels;And private key refers to the key only held by encryption side itself, maintains secrecy.One public key
A corresponding private key;Public key and private key have collectively constituted a kind of asymmetric encryption mode.Asymmetric encryption mode, which refers to, uses public key
The information of encryption can only be decrypted with corresponding private key, can only also be solved with corresponding public key using the information of private key encryption
It is close.That is, the key that encryption and decryption use is different.
Such as: it is assumed that A will send encryption information to B, then A first has to obtain public key corresponding with B, then uses and B pairs
After the information that the public key answered sends needs encrypts, encrypted information is sent to B, B is in the encryption for receiving A transmission
Information after, it is necessary to the information of encryption can be just decrypted, be obtained interior in the information of encryption using private key corresponding with B
Hold.Since private key corresponding with B only has B oneself to possess, the information for the encryption that A is sent is safe.
In step 608, the first encrypted result is sent to server by the second process.
It, will after second process obtains the first encrypted result to random number encryption by the private key in asymmetric encryption in SDK
First encrypted result is sent to server by wired or wireless network.
After server obtains the first encrypted result, by storing the public key in asymmetric encryption in the server to first
Encrypted result decryption, obtains decrypted result.And according to the random number in decrypted result as key to be verified, and will be to be verified close
Key and the session identification of this session are by obtaining the second encrypted result after the public key encryption in asymmetric encryption.
Wherein, the corresponding session identification of each session and a symmetric key of the second process and server.
In step 609, the second process receives the second encrypted result that server is sent.
After key to be verified and session identification are passed through the public key encryption in asymmetric encryption by server, the second encryption is obtained
As a result after, the second encrypted result is sent to corresponding second process of SDK by wired or wireless network.
In step 610, the second process is decrypted the second encrypted result by asymmetric encryption private key, obtains session
Mark and key to be verified.
Corresponding second process of SDK is decrypted the second encrypted result by the private key in asymmetric encryption, is understood
Words mark and key to be verified.
In step 611, key to be verified is determined as by the second process when determining random number and cipher key match to be verified
The symmetric cryptographic key of this session.
Corresponding second process of SDK after obtaining key to be verified, determine key to be verified whether with nonces match (
I.e. whether the two is identical), if key to be verified and nonces match, add the key to be verified as the symmetrical of this session
Key.
In step 612, it whether there is GUID in the second process detection terminal.
It whether there is the corresponding GUID of terminal in second process detection server.Wherein, GUID is that server passes through algorithm
The corresponding unique identification of the terminal of generation, server end establish session with SDK by GUID identification terminal.If the second process does not have
It detects the corresponding GUID of terminal, then enters step 613;If the second process detection is entered step to the corresponding GUID of terminal
614。
In step 613, the facility information of terminal is sent to server by the second process.
If GUID is not present in terminal, facility information is sent to server by the second process, and server is according to facility information
The GUID of registration terminal, wherein facility information includes but is not limited to: device identification, OS Type, operating system version
Number, the type of current online environment, at least one of be currently located geographical location.
In step 614, the second process obtains target by the encrypted session connection of symmetric cryptographic key, from server
Data.
It after second process obtains the symmetric cryptographic key of this session, sends and requests to server, the request is for clothes
Device request transmission target data of being engaged in is added target data by symmetric cryptographic key after server receives the request of the second process
Corresponding second process of SDK is sent to after close.
In step 615, the second process provides program function to the first process according to target data.
After second process obtains the encrypted target data of symmetric cryptographic key, by symmetric cryptographic key to encrypted
Target data is decrypted, and obtains target data, provides program function to the first process by target data.
For example, target data can be the corresponding Wi-Fi password of wireless router.Second process is asked to server transmission
It asks, which is that request server sends the corresponding Wi-Fi password of wireless router, and server receives the request of the second process,
The second process will be sent to after Wi-Fi password encryption by symmetric cryptographic key, the second process obtains encrypted Wi-Fi password
Encrypted Wi-Fi password is decrypted by symmetric cryptographic key afterwards, obtains the corresponding Wi-Fi password of wireless router, and lead to
It crosses the Wi-Fi password to connect with corresponding wireless router, the first process is real by corresponding second process of SDK by api interface
The now function that automatically and wirelessly router connects.
In conclusion in the embodiment of the present application, by by corresponding second process of SDK independently of host corresponding first into
It except journey, solves in the related technology since SDK is run in host process, host program can be relatively easily broken to SDK
The technical issues of solution, since host program can only use the program function of SDK by the api interface for calling SDK to provide, and cannot
Directly corresponding second process of access SDK, therefore host program can not listen to the operating condition and SDK and server of SDK
Between the data packet that communicates, improve the safety of SDK.
Further, in the embodiment of the present application, by by rivest, shamir, adelman in conjunction with symmetric encipherment algorithm, Mei Geyi
Asymmetric encryption is used to negotiate encryption key between corresponding second process of SDK and server by the section time, and symmetric cryptography is used for
Session data packet between the second process corresponding to SDK and server encrypts, solve each session only pass through it is non-right
Claim computationally intensive problem caused by encryption, or, session only passes through the low problem of security performance caused by symmetric cryptography every time,
Asymmetric encryption private key on the basis of calculation amount is small improves the peace of session between corresponding second process of SDK and server
Quan Xing.
Referring to FIG. 7, the method flow diagram of the program operating method provided it illustrates another embodiment of the application.This
Embodiment by the program operating method be applied to terminal 140 as shown in Figure 1 in for, this method comprises:
In step 701, when receiving program enabling signal, host program starts the first process
When user needs using host program, user clicks the icon of host program, and host program receives user and clicks
The enabling signal that icon generates starts the first process.Wherein, the first process is operate in host program and SDK provides program
The relevant process of function.
In a step 702, host program initializes the api interface of SDK.The API of SDK is called to connect in host program
Before mouthful, host program is initialized firstly the need of the api interface to SDK, during initialization, one section in SDK
Code operates in corresponding first process of host program, for detecting its running environment with the presence or absence of security risk.
Optionally, SDK whether there is security risk, including step 703 to step by the first process detection running environment
At least one step in 705 3 steps.The present embodiment with include all three steps illustrate.
In step 703, whether current account number obtains highest operation permission in SDK detection terminal.
Whether current account number corresponding to SDK detection terminal obtains highest operation permission, that is, judge currently to log in is
Whether the account that unites is Root account, and since Root account has systematic highest permission, host system can connect around API
Mouth directly accesses and monitors the second process of SDK, to have security risk.
Therefore, when api interface of the host program to SDK initializes, SDK needs to detect whether current account number obtains
Highest runs permission, if testing result is that current account number obtains highest and runs permission, enters step 706b;If detection knot
Fruit is that current account number does not obtain highest operation permission, then enters step 704, or enter step 706a.
In an alternative embodiment, due to obtain highest operation permission terminal can generate a SU binary system can
File is executed, SDK judges whether current account number obtains most by the way that whether detection terminal has SU binary executable
Height operation permission.
In step 704, SDK detects whether terminal is the virtual terminal of simulator.
SDK detects whether terminal is the virtual terminal of simulator.By the virtual terminal of simulator can around according to
The Internet Security Standard that bad hardware plays a role, for example, host program can directly access and monitor the second of SDK around API
Process, to have security risk.
Therefore, when initializing to api interface, SDK needs to detect whether present terminal is the virtual terminal of simulator,
If testing result is the virtual terminal of simulator for present terminal, 706b is entered step;If testing result is present terminal
It is not the virtual terminal of simulator, then enters step 705, or enter step 706a.
In an alternative embodiment, SDK is by calling the hardware component of terminal to judge whether terminal is simulator institute
Virtual terminal, for example the hardware component of the terminals such as sensor, camera, gyroscope, bluetooth is called, if malloc failure malloc,
Determine that terminal is the virtual terminal of simulator;If calling successfully, it is determined that terminal is entity hardware.
In step 705, whether corresponding first process of SDK detection host program is tracked.
Whether corresponding first process of SDK detection host program and/or the related process of SDK are tracked, if host's journey
Corresponding first process of sequence is tracked, then when the first process calls api interface, is likely to result in information leakage, has safety
Hidden danger.If SDK detects host program, corresponding first process is tracked, and enters step 706b;If SDK detects host's journey
Corresponding first process of sequence is not tracked, then enters step 706a.
The system that tracing program Strace is commonly used to when tracking process executes is called and received signal.In Linux system
System or android system in, process cannot direct access hardware devices, when process need access hardware devices (such as receive net
Network data etc.) when, it is necessary to kernel mode is switched to by user mode, access hardware devices, Strace program are called by system
The system that a process generates can be traced into call, including parameter, return value, the time for executing consumption etc., therefore, when first
When process is tracked, Strace program can obtain the information saved in SDK around api interface.
In an alternative embodiment, SDK is by detecting whether terminal there is tracked information to judge that host program is corresponding
The first process whether be tracked, if having tracked information, it is determined that corresponding first process of host program is tracked, if not having
There is tracked information, it is determined that corresponding first process of host program is not tracked.
In step 706a, SDK passes through first the second process of process initiation.
After determining that currently running environment does not have security risk, SDK passes through first the second process of process initiation.
In step 706b, api interface initialization failure.
Meet after api interface of the host program to SDK initializes any one following, it is determined that at the beginning of api interface
Beginningization failure: current account number obtains highest operation permission, the terminal terminal virtual for simulator, or, host program is corresponding
The first process be tracked.
If api interface initialization failure, SDK returns to initialization failure information, host program corresponding the to host program
One process is not capable of calling the api interface of SDK.
In step 707, corresponding first process of host program calls the api interface of SDK offer.
When the program function that user needs to provide using SDK, the relevant program function icon of host program, host are clicked
Program receives the function that user's click program function icon generates and uses signal, is connect by the API that the first process calls SDK to provide
Mouthful.Wherein, which is some program function icon in host program, the journey which provides
Sequence function is the program function provided based on SDK, is not referred to all program functions in host program.
In step 708, the second process detection symmetric cryptographic key whether there is.
In corresponding second process of SDK according to calling before server acquisition target data, need to SDK and server
Between symmetric cryptography code key detected.Firstly, whether there is symmetric cryptographic key in the second process detection SDK, and if it exists,
Then enter step 709 or step 711;If it does not exist, then 710 are entered step.
In step 709, the second process detection symmetric cryptographic key there are durations whether to reach default effective time.
Usually, symmetric cryptographic key too long can increase the chance that cracks to attacker using the time.In order to guarantee to pacify
Entirely, usual symmetric cryptographic key has certain timeliness, if it exceeds timeliness, then symmetric key can fail, and need to regenerate
Symmetric key.
Therefore, whether duration existing for the symmetric cryptographic key in the second process detection SDK reaches preset effective time;
If so, entering step 710;If it is not, then entering step 711.
In step 720, the second process negotiates the symmetric cryptography of this session by asymmetric encryption private key and server
Key.
If the second process does not detect symmetric cryptographic key in SDK, and/or, pair of second process detection into SDK
Claim encryption key to reach default effective time, then generate a random number, the random number by as symmetrical in this session plus
Key.
Second process, to random number encryption, obtains the first encrypted result by the private key in asymmetric encryption in SDK.
Wherein, the second process obtains the first encryption knot by the private key in asymmetric encryption in SDK to random number encryption
Fruit.In the embodiment of the present application, the communication between SDK and server is by the private key encryption in asymmetric encryption in SDK, by depositing
Store up the public key decryptions in the asymmetric encryption of server end.When host program exploitation side obtains SDK from SDK provider, SDK
In included private key in asymmetric encryption, and the public key storage in asymmetric encryption is in the server.
It, will after second process obtains the first encrypted result to random number encryption by the private key in asymmetric encryption in SDK
First encrypted result is sent to server by wired or wireless network.
After server obtains the first encrypted result, added by storing the public key in asymmetric encryption in the server to first
Close result decryption, obtains decrypted result.And according to the random number in decrypted result as key to be verified, and by key to be verified
With this session identification by obtaining the second encrypted result after the public key encryption in asymmetric encryption.
After key to be verified and session identification are passed through the public key encryption in asymmetric encryption by server, the second encryption is obtained
As a result after, the second encrypted result is sent to corresponding second process of SDK by wired or wireless network.
Corresponding second process of SDK is decrypted the second encrypted result by the private key in asymmetric encryption, is understood
Words mark and key to be verified.
Corresponding second process of SDK after obtaining key to be verified, determine key to be verified whether with nonces match (
I.e. whether the two is identical), if key to be verified and nonces match, add the key to be verified as the symmetrical of this session
Key.
In an alternative embodiment, it whether there is GUID in the second process detection terminal, if the second process is not examined
Measure the corresponding GUID of terminal, then facility information be sent to server, server according to the GUID of facility information registration terminal,
Wherein, facility information includes but is not limited to: device identification, OS Type, operating system version number, environment of currently surfing the Internet
Type at least one of is currently located geographical location;If the second process detection is entered step to the corresponding GUID of terminal
711。
In step 711, the second process obtains target from server by the encrypted session connection of symmetric cryptographic key
Data.
It after second process obtains the symmetric cryptographic key of this session, sends and requests to server, the request is for clothes
Device request transmission target data of being engaged in is added target data by symmetric cryptographic key after server receives the request of the second process
Corresponding second process of SDK is sent to after close.
In step 712, the second process provides program function to the first process according to target data.
After second process obtains the encrypted target data of symmetric cryptographic key, by symmetric cryptographic key to encrypted
Target data is decrypted, and obtains target data, provides program function to the first process by target data.
In conclusion in the embodiment of the present application, by by corresponding second process of SDK independently of host corresponding first into
It except journey, solves in the related technology since SDK is run in host process, host program can be relatively easily broken to SDK
The technical issues of solution, since host program can only use the program function of SDK by the api interface for calling SDK to provide, and cannot
Directly corresponding second process of access SDK, therefore host program can not listen to the operating condition and SDK and server of SDK
Between the data packet that communicates, improve the safety of SDK
Further, in the embodiment of the present application, by right before corresponding first process of host program calls api interface
Whether api interface initialization has peace by the running environment of the corresponding first process detection api interface of host program by SDK
Full hidden danger solves under the running environment with security risk, and host program calls safety caused by the api interface of SDK
Potential problem further improves the safety of SDK.
Further, in the embodiment of the present application, by by rivest, shamir, adelman in conjunction with symmetric encipherment algorithm, Mei Geyi
Asymmetric encryption is used to negotiate encryption key between corresponding second process of SDK and server by the section time, and symmetric cryptography is used for
Session data packet between the second process corresponding to SDK and server encrypts, solve each session only pass through it is non-right
Claim computationally intensive problem caused by encryption, or, session only passes through the low problem of security performance caused by symmetric cryptography every time,
On the basis of calculation amount is small, the safety of session between corresponding second process of SDK and server is improved.
Referring to FIG. 8, the device block diagram of the program running gear provided it illustrates another embodiment of the application.This reality
Example is applied so that the program running gear is applied in terminal 140 as shown in Figure 1 as an example, which includes host program module 801
With SDK module 802, operation has the first process in host program module 801, and operation has the second process in SDK module, wherein place
Main program module 801 is the program module that secondary development is carried out based on SDK module 802.
Host program module 801, for starting the first process when receiving program enabling signal;Pass through the first process
Start the second process;When receiving function using signal, the api interface of SDK module offer is called by the first process;
SDK module 802, for obtaining target data from server according to calling by the second process;According to target data
Program function is provided to the first process.
In an alternative embodiment, host program module 801 is also used to:
The api interface of SDK module 802 is initialized after actuation;
SDK module 802 is also used to when api interface of the host program module 801 to SDK module 802 initializes,
It whether there is security risk by the running environment in the first process detection terminal;When security risk is not present in running environment,
Start the second process.
In an alternative embodiment, SDK module 802 is also used to, and passes through current account number in the first process detection terminal
Whether highest operation permission is obtained;
And/or;
Whether SDK module 802 is also used to, be the virtual terminal of simulator by the first process detection terminal;
And/or;
Whether SDK module 802 is also used to, be tracked by corresponding first process of the first process detection host program.
In an alternative embodiment, SDK module 802 is also used to:
Negotiate the symmetric cryptographic key of this session by asymmetric encryption private key and server by the second process;
By the second process by the encrypted session connection of symmetric cryptographic key, target data is obtained from server.
In an alternative embodiment, SDK module 802 is also used to:
Random number is generated by the second process;
Random number is encrypted by asymmetric encryption private key by the second process, obtains the first encrypted result;
The first encrypted result is sent to server by the second process;
The second encrypted result that server is sent is received by the second process;
The second ciphering process is decrypted by asymmetric encryption private key by the second process, obtain session identification and to
Authentication secret;
Through the second process when determining random number and cipher key match to be verified, key to be verified is determined as this session
Symmetric cryptographic key.
In an alternative embodiment, SDK module 802 is also used to:
By second process symmetric cryptographic key there are when it is long reach be preset with effect duration when, again through asymmetric
Encryption key and server negotiate next symmetric cryptographic key.
Fig. 9 is referred to, it illustrates the structural block diagrams of terminal provided by one embodiment of the present invention.The terminal includes: place
Manage device 901, memory 902 and network interface 903.
Network interface 903 is connected by bus or other means with processor 901, for receiving the target of server transmission
Data or the second encrypted result, or, for sending the first encrypted result to server.
Processor 901 can be central processing unit (English: central processing unit, CPU), network processes
The combination of device (English: network processor, NP) or CPU and NP.Processor 801 can further include hardware
Chip.Above-mentioned hardware chip can be specific integrated circuit (English: application-specific integrated
Circuit, ASIC), programmable logic device (English: programmable logic device, PLD) or combinations thereof.It is above-mentioned
PLD can be Complex Programmable Logic Devices (English: complex programmable logic device, CPLD), scene
Programmable gate array (English: field-programmable gate array, FPGA), Universal Array Logic (English:
Generic array logic, GAL) or any combination thereof.
Memory 902 is connected by bus or other means with processor 901, is stored at least one in memory 902
Instruction, at least a Duan Chengxu, code set or instruction set, above-mentioned at least one instruction, at least a Duan Chengxu, code set or instruction set
It is loaded by processor 901 and is executed to realize the program operating method such as Fig. 2, Fig. 5, Fig. 6 or Fig. 7.Memory 902 can be easy
The property lost memory (English: volatile memory), nonvolatile memory (English: non-volatile memory) or
Their combination.Volatile memory can be random access memory (English: random-access memory, RAM), example
Such as static random access memory (English: static random access memory, SRAM), dynamic random access memory
Device (English: dynamic random access memory, DRAM).Nonvolatile memory can be read-only memory (English
Text: read only memory image, ROM), such as programmable read only memory (English: programmable read
Only memory, PROM), Erasable Programmable Read Only Memory EPROM (English: erasable programmable read only
Memory, EPROM), electrically erasable programmable read-only memory (English: electrically erasable
Programmable read-only memory, EEPROM).Nonvolatile memory may be flash memory (English:
Flash memory), magnetic memory, for example (,) tape (English: magnetic tape), floppy disk (English: floppy disk), firmly
Disk.Nonvolatile memory may be CD.
It is a kind of computer-readable in the storage medium the embodiment of the present application also provides a kind of computer readable storage medium
Storage medium is stored at least one instruction, at least a Duan Chengxu, code set or instruction set in storage medium, and at least one refers to
It enables, an at least Duan Chengxu, code set or instruction set is loaded as processor and executed to realize as shown in Fig. 2, Fig. 5, Fig. 6 or Fig. 7
Program operating method, optionally, which includes high speed access storage, nonvolatile memory.
It should be understood that referenced herein " multiple " refer to two or more."and/or", description association
The incidence relation of object indicates may exist three kinds of relationships, for example, A and/or B, can indicate: individualism A exists simultaneously A
And B, individualism B these three situations.Character "/" typicallys represent the relationship that forward-backward correlation object is a kind of "or".
Above-mentioned the embodiment of the present application serial number is for illustration only, does not represent the advantages or disadvantages of the embodiments.
Those of ordinary skill in the art will appreciate that realizing that all or part of the steps of above-described embodiment can pass through hardware
It completes, relevant hardware can also be instructed to complete by program, the program can store in a kind of computer-readable
In storage medium, storage medium mentioned above can be read-only memory, disk or CD etc..
The foregoing is merely the preferred embodiments of the application, not to limit the application, it is all in spirit herein and
Within principle, any modification, equivalent replacement, improvement and so on be should be included within the scope of protection of this application.
Claims (14)
1. a kind of program operating method, which is characterized in that applied in the terminal for being equipped with host program, the host program is
The program of secondary development is carried out based on SDK, which comprises
When receiving program enabling signal, the host program starts the first process;
For the host program by corresponding second process of SDK described in first process initiation, second process is independent
Process except first process;
When receiving function using signal, the host program is connect by the API that first process calls the SDK to provide
Mouthful;
Second process obtains target data according to described call from server;
Second process provides program function to first process according to the target data.
2. the method according to claim 1, wherein the host program passes through described in first process initiation
Corresponding second process of SDK, comprising:
When the host program after actuation initializes the api interface of the SDK, the SDK passes through described
Running environment in terminal described in first process detection whether there is security risk;
When security risk is not present in the running environment, the SDK passes through the second process described in first process initiation.
3. according to the method described in claim 2, it is characterized in that, the SDK passes through terminal described in first process detection
In running environment whether there is security risk, comprising:
The SDK runs permission by the way that whether account number current in terminal described in first process detection obtains highest;
And/or;
Whether the SDK is the virtual terminal of simulator by terminal described in first process detection;
And/or;
Whether the SDK is tracked by corresponding first process of host program described in first process detection.
4. method according to any one of claims 1 to 3, which is characterized in that second process is called according to described from clothes
Business device obtains target data, comprising:
Second process negotiates the symmetric cryptographic key of this session by asymmetric encryption private key and the server;
Second process obtains the target by the encrypted session connection of the symmetric cryptographic key, from the server
Data.
5. according to the method described in claim 4, it is characterized in that, second process by asymmetric encryption private key with it is described
Server negotiates the symmetric cryptographic key of this session, comprising:
Second process generates random number;
Second process encrypts the random number by the asymmetric encryption private key, obtains the first encrypted result;
First encrypted result is sent to the server by second process;
Second process receives the second encrypted result that the server is sent;
Second process is decrypted second ciphering process by the asymmetric encryption private key, obtains session identification
With key to be verified;
The key to be verified is determined as by second process when determining the random number and the cipher key match to be verified
The symmetric cryptographic key of this session.
6. according to the method described in claim 5, it is characterized in that, second process by asymmetric encryption private key with it is described
Server is negotiated after the symmetric cryptographic key of this session, further includes:
Second process the symmetric cryptographic key there are when it is long reach be preset with effect duration when, again through described non-
Symmetric cryptography private key and the server negotiate next symmetric cryptographic key.
7. a kind of program running gear, applied to include host program module terminal in, which is characterized in that described device includes
The host program module and SDK module, the host program module are that the program of secondary development is carried out based on the SDK module
Module, operation has the first process in the host program module, and operation has the second process in the SDK module, described second into
Except journey is independently of first process;
The host program module, for starting first process when receiving program enabling signal;Pass through described first
Second process described in process initiation;When receiving function using signal, the SDK is called to provide by first process
Api interface;
The SDK module, for obtaining target data according to described call from server by second process;According to described
Target data provides program function to first process.
8. device according to claim 7, which is characterized in that
The host program module is also used to after actuation initialize the api interface of the SDK module;
The SDK module is also used to initialize the api interface of the SDK module when the host program module
When, security risk whether there is by the running environment in terminal described in first process detection;When the running environment not
There are when security risk, start second process.
9. device according to claim 8, which is characterized in that
The SDK module is also used to whether obtain highest fortune by account number current in terminal described in first process detection
Row permission;
And/or;
Whether the SDK module is also used to through terminal described in first process detection be the virtual terminal of simulator;
And/or;
Whether the SDK module is also used to be chased after by corresponding first process of host program described in first process detection
Track.
10. device according to any one of claims 7 to 9, which is characterized in that
The SDK module is also used to negotiate this by asymmetric encryption private key and the server by second process
The symmetric cryptographic key of session;
The SDK module, is also used to through second process through the encrypted session connection of the symmetric cryptographic key, from
The server obtains the target data.
11. device according to claim 10, which is characterized in that
The SDK module is also used to generate random number by second process;It is described non-right to be passed through by second process
Claim encryption key to encrypt the random number, obtains the first encrypted result;Described first is added by second process
Close result is sent to the server;The second encrypted result that the server is sent is received by second process;Pass through
Second process is decrypted second ciphering process by the asymmetric encryption private key, obtain session identification and to
Authentication secret;It, will be described to be verified through second process when determining the random number and the cipher key match to be verified
Key is determined as the symmetric cryptographic key of this session.
12. device according to claim 11, which is characterized in that
The SDK module be also used to by second process the symmetric cryptographic key there are when it is long reach be preset with effect
When duration, negotiate next symmetric cryptographic key again through the asymmetric encryption private key and the server.
13. a kind of terminal, which is characterized in that the terminal includes processor and memory, is stored at least in the memory
One instruction, at least a Duan Chengxu, code set or instruction set, at least one instruction, an at least Duan Chengxu, the generation
Code collection or instruction set are loaded by the processor and are executed to realize program operating method as claimed in claim 1 to 5.
14. a kind of computer readable storage medium, which is characterized in that be stored at least one instruction, institute in the storage medium
Instruction is stated to be loaded by processor and executed to realize program operating method as claimed in claim 1 to 5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710884605.5A CN109558739B (en) | 2017-09-26 | 2017-09-26 | Program running method and device, terminal and readable medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710884605.5A CN109558739B (en) | 2017-09-26 | 2017-09-26 | Program running method and device, terminal and readable medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109558739A true CN109558739A (en) | 2019-04-02 |
CN109558739B CN109558739B (en) | 2022-04-15 |
Family
ID=65863066
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710884605.5A Active CN109558739B (en) | 2017-09-26 | 2017-09-26 | Program running method and device, terminal and readable medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109558739B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111475423A (en) * | 2020-06-29 | 2020-07-31 | 深圳市珍爱云信息技术有限公司 | Data entry method and device, electronic equipment and readable storage medium |
WO2021036450A1 (en) * | 2019-08-27 | 2021-03-04 | 苏宁云计算有限公司 | Simulator detection method and system |
CN112948824A (en) * | 2021-03-31 | 2021-06-11 | 支付宝(杭州)信息技术有限公司 | Program communication method, device and equipment based on privacy protection |
CN113282906A (en) * | 2020-02-20 | 2021-08-20 | Oppo广东移动通信有限公司 | Permission detection method, device, terminal and storage medium |
CN114071628A (en) * | 2022-01-06 | 2022-02-18 | 深圳佑驾创新科技有限公司 | Terminal communication method and device based on android system and storage medium |
CN114827252A (en) * | 2022-04-22 | 2022-07-29 | 深圳市六度人和科技有限公司 | Third-party call general method, device, system, terminal equipment and storage medium |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030023774A1 (en) * | 2001-06-14 | 2003-01-30 | Gladstone Philip J. S. | Stateful reference monitor |
CN1609792A (en) * | 2003-10-24 | 2005-04-27 | 微软公司 | Programming interface for a computer program |
CN102109986A (en) * | 2009-12-23 | 2011-06-29 | 阿里巴巴集团控股有限公司 | Method, system and device for providing connection serial numbers and connecting plugins |
CN103002445A (en) * | 2012-11-08 | 2013-03-27 | 张维加 | Safe mobile electronic equipment for providing application services |
CN103631664A (en) * | 2013-12-09 | 2014-03-12 | 北京奇虎科技有限公司 | Inter-process communication method and device |
CN104468592A (en) * | 2014-12-12 | 2015-03-25 | 北京百度网讯科技有限公司 | Login method and system |
CN104536776A (en) * | 2014-11-28 | 2015-04-22 | 百度在线网络技术(北京)有限公司 | Method and device for running plug-in application in plug-in running environment at host end |
CN105159786A (en) * | 2015-07-03 | 2015-12-16 | 北京奇虎科技有限公司 | Method and device for inter-process communication |
CN105912930A (en) * | 2016-04-11 | 2016-08-31 | 北京奇虎科技有限公司 | Mobile terminal and system resource safety control method thereof |
CN106162538A (en) * | 2015-03-19 | 2016-11-23 | 孙夫雄 | Long distance control system and method for mobile terminal |
CN106293821A (en) * | 2016-08-03 | 2017-01-04 | 北京奇虎科技有限公司 | Obtain and transmission application data, the method and device of operation application program |
-
2017
- 2017-09-26 CN CN201710884605.5A patent/CN109558739B/en active Active
Patent Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030023774A1 (en) * | 2001-06-14 | 2003-01-30 | Gladstone Philip J. S. | Stateful reference monitor |
CN1609792A (en) * | 2003-10-24 | 2005-04-27 | 微软公司 | Programming interface for a computer program |
US20050091576A1 (en) * | 2003-10-24 | 2005-04-28 | Microsoft Corporation | Programming interface for a computer platform |
CN102109986A (en) * | 2009-12-23 | 2011-06-29 | 阿里巴巴集团控股有限公司 | Method, system and device for providing connection serial numbers and connecting plugins |
CN103002445A (en) * | 2012-11-08 | 2013-03-27 | 张维加 | Safe mobile electronic equipment for providing application services |
CN103631664A (en) * | 2013-12-09 | 2014-03-12 | 北京奇虎科技有限公司 | Inter-process communication method and device |
CN104536776A (en) * | 2014-11-28 | 2015-04-22 | 百度在线网络技术(北京)有限公司 | Method and device for running plug-in application in plug-in running environment at host end |
CN104468592A (en) * | 2014-12-12 | 2015-03-25 | 北京百度网讯科技有限公司 | Login method and system |
CN106162538A (en) * | 2015-03-19 | 2016-11-23 | 孙夫雄 | Long distance control system and method for mobile terminal |
CN105159786A (en) * | 2015-07-03 | 2015-12-16 | 北京奇虎科技有限公司 | Method and device for inter-process communication |
CN105912930A (en) * | 2016-04-11 | 2016-08-31 | 北京奇虎科技有限公司 | Mobile terminal and system resource safety control method thereof |
CN106293821A (en) * | 2016-08-03 | 2017-01-04 | 北京奇虎科技有限公司 | Obtain and transmission application data, the method and device of operation application program |
Non-Patent Citations (1)
Title |
---|
王慧敏: "微内核操作系统MINIX3消息机制的研究与改进", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2021036450A1 (en) * | 2019-08-27 | 2021-03-04 | 苏宁云计算有限公司 | Simulator detection method and system |
CN113282906A (en) * | 2020-02-20 | 2021-08-20 | Oppo广东移动通信有限公司 | Permission detection method, device, terminal and storage medium |
CN113282906B (en) * | 2020-02-20 | 2024-05-03 | Oppo广东移动通信有限公司 | Authority detection method, device, terminal and storage medium |
CN111475423A (en) * | 2020-06-29 | 2020-07-31 | 深圳市珍爱云信息技术有限公司 | Data entry method and device, electronic equipment and readable storage medium |
CN112948824A (en) * | 2021-03-31 | 2021-06-11 | 支付宝(杭州)信息技术有限公司 | Program communication method, device and equipment based on privacy protection |
CN112948824B (en) * | 2021-03-31 | 2022-04-26 | 支付宝(杭州)信息技术有限公司 | Program communication method, device and equipment based on privacy protection |
CN114071628A (en) * | 2022-01-06 | 2022-02-18 | 深圳佑驾创新科技有限公司 | Terminal communication method and device based on android system and storage medium |
CN114071628B (en) * | 2022-01-06 | 2022-04-26 | 深圳佑驾创新科技有限公司 | Terminal communication method and device based on android system and storage medium |
CN114827252A (en) * | 2022-04-22 | 2022-07-29 | 深圳市六度人和科技有限公司 | Third-party call general method, device, system, terminal equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN109558739B (en) | 2022-04-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109558739A (en) | Program operating method, device, terminal and readable medium | |
US10554420B2 (en) | Wireless connections to a wireless access point | |
CN106716914B (en) | Secure key management for roaming protected content | |
US8261091B2 (en) | Solid-state memory-based generation and handling of security authentication tokens | |
CN106878245B (en) | Graphic code information providing and obtaining method, device and terminal | |
WO2019218919A1 (en) | Private key management method and apparatus in blockchain scenario, and system | |
CN108429719B (en) | Key protection method and device | |
TWI791050B (en) | Data transmission method and system | |
JP7009393B2 (en) | Use hardware-based secure isolated areas to prevent piracy and fraud on electronic devices | |
JP6015162B2 (en) | Terminal device, information processing system, information processing method, and program | |
US11470060B2 (en) | Private exchange of encrypted data over a computer network | |
CN109756447A (en) | A kind of safety certifying method and relevant device | |
CN108200078B (en) | Downloading and installing method of signature authentication tool and terminal equipment | |
US10045212B2 (en) | Method and apparatus for providing provably secure user input/output | |
CN113557703A (en) | Authentication method and device for network camera | |
CN104243452B (en) | A kind of cloud computing access control method and system | |
CN111181831B (en) | Communication data processing method and device, storage medium and electronic device | |
KR101541165B1 (en) | Mobile message encryption method, computer readable recording medium recording program performing the method and download server storing the method | |
EP3720042B1 (en) | Method and device for determining trust state of tpm, and storage medium | |
CN112004201A (en) | Short message sending method and device and computer system | |
CN114422237B (en) | Data transmission method and device, electronic equipment and medium | |
CN110457959B (en) | Information transmission method and device based on Trust application | |
KR102474897B1 (en) | A virtual private network generating method providing the virtual private network by exchanging encapsulated key based on post quantum cryptography algorithm and a virtual private network operating system performing the same | |
JP2015138336A (en) | Management method of electronic data, program therefor, and recording medium for program | |
KR102474899B1 (en) | A virtual private network generating method based on post quantum cryptography algorithm and a virtual private network operating system performing the same |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |